Cybersecurity is something Raytheon takes very seriously and so do our customers, from global governments to Fortune 500 companies. That’s why they trust us to deliver the end-to-end offensive and/or defensive solutions that successfully protect them from a wide range of internal and external threats including breach, fraud, theft and sabotage.
This career opportunity is for the Information System Security Manager (ISSM) position at the Raytheon Intelligence, Information, and Services (IIS) Newport News, Virginia, facility. The ISSM is responsible for daily operations and successful execution of the Cybersecurity program and assets under their purview. Selected candidate is expected to execute security requirements to include those defined within the National Industrial Security Program Operations Manual (NISPOM) in alignment with Defense Counterintelligence Security Agency (DCSA) oversight. Requirements include those outlined within the DCSA Assessment and Authorization Process Manual (DAAPM) and NIST Special Publications 800-37 and 800-53. The candidate must be proficient with the Risk Management Framework (RMF) and Continuous Monitoring (CONMON) activities. Some key activities of the ISSM include (but are not limited to):* Register new information systems and carry out Assessment and Authorization (A&A) activities
- Prepare RMF artifacts to include System Security Plans (SSP), Security Controls Traceability Matrix (SCTM), Security Concept of Operations (CONOPS), Risk Assessment Report (RAR), and detailed technical artifacts to support A&A (e.g., hardware/software mappings, information systems and network configuration diagrams)
- Sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, vulnerability scanning and remediation, audit reviews, etc.)
- Information System Self-Inspection, Auditing, and Continuous Monitoring (CONMON)
- Interfacing with Internal/External Customers: DoD Customers, Program Managers/Directors, IT, etc.
- Cybersecurity Training and Awareness
- Review audit data, investigate, report, and remediate security incidents
- Incident response planning, investigation, and resolution
- Development, maintenance, and execution of effective, well written, and customer-compliant Cybersecurity policies and procedures
The ideal candidate possesses strong written and oral communications skills, technical knowledge, exemplary customer service skills, strong time management skills, the ability to creatively find solutions to complex challenges, and the ability to multi-task and thrive in a fast paced environmentRequired Skills
- US Citizen with an active DoD Secret security clearance
- 6 years of experience in Information Systems Security/Information Assurance, Security Engineering, or IT Systems Administration
- Familiarity with the development of System Security Plans (SSPs) and/or supporting (A&A) documentation
- Experience supporting various computer hardware platforms and multiple operating systems, particularly LAN/WAN configurations
- Working knowledge of operating systems security features and settings (e.g. Windows, UNIX, and Linux)
- Professional demeanor, good interpersonal skills, and ability to excel in a high-paced multi-tasked environment
- Able to work individually, as well as part of a team (both leader and follower)
- Proficient in Microsoft Applications (Word, Excel, PowerPoint, Access, Visio, etc.) Strong communication skills with the ability to communicate effectively in both oral and written modes, and be able to author and present subject specific presentations (briefings)
- Must have the ability to effectively manage one's time and be able to prioritize assigned tasks
- Willing and able to travel up to 10% of work schedule
- Maintain an IAM Level I DoD 8570.1M-compliant Professional Certification (Security+CE, GSLC, CAP, etc.)
Required Education (including Major)
- Holds a current Single Scope Background Investigation (SSBI) (less than 5 years old)
- Prior ISSO/Information Assurance Officer (IAO) or alternate ISSO/IAO experience
- System vulnerability management experience to include working knowledge of SCAP, ACAS/Nessus, and DISA STIGs
- Experience with preparing for CCRI and other US Government inspections
- NIPRNet/SIPRNet enclave Cybersecurity experience
- Thorough knowledge of NIST Special Publications 800-series, CNSS policies and instructions, and other requirements documents associated with the Risk Management Framework
- Experience using SPLUNK as an audit collection and reduction tool
Bachelor's Degree in Computer Science, Information Systems, Information Assurance, Cyber Security, or related field of study OR 8 additional years of experience in lieu of education.This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.